diff --git a/.github/workflows/check-generated-files.yml b/.github/workflows/check-generated-files.yml index e60ad814f34..a3576beedfa 100644 --- a/.github/workflows/check-generated-files.yml +++ b/.github/workflows/check-generated-files.yml @@ -23,7 +23,7 @@ jobs: with: go-version: 1.21.x cache-dependency-path: "go.sum" - + - name: Check for changes in go.mod run: | go mod tidy diff --git a/ADOPTERS.md b/ADOPTERS.md index d0479a15f50..2514847f694 100644 --- a/ADOPTERS.md +++ b/ADOPTERS.md @@ -6,6 +6,7 @@ To accomplish this, we created a public ledger. The list of organizations and us Where users themselves directly maintain the list. ## Adding yourself as an adopter + If you are using Magistrala, please consider adding yourself as an adopter with a brief description of your use case by opening a pull request to this file and adding a section describing your adoption of Magistrala technology. **Please send PRs to add or remove organizations/users** @@ -20,17 +21,15 @@ T: Type of adaptation: Evaluation, Core Technology, Production Usage (optional) ``` ## Requirements -* You must represent the user or organization listed. Do NOT add entries on behalf of other organizations or individuals. -Pull request commit must be [signed](https://docs.github.com/en/github/authenticating-to-github/signing-commits) and auto-checked with [ Developer Certificate of Origin (DCO)](https://probot.github.io/apps/dco/) -* There is no minimum requirement or adaptation size, but we request to list permanent deployments only, i.e., no demo or trial deployments. Commercial or production use is not required. A well-done home lab setup can be equally impressive as a large-scale commercial deployment. +- You must represent the user or organization listed. Do NOT add entries on behalf of other organizations or individuals. + Pull request commit must be [signed](https://docs.github.com/en/github/authenticating-to-github/signing-commits) and auto-checked with [ Developer Certificate of Origin (DCO)](https://probot.github.io/apps/dco/) +- There is no minimum requirement or adaptation size, but we request to list permanent deployments only, i.e., no demo or trial deployments. Commercial or production use is not required. A well-done home lab setup can be equally impressive as a large-scale commercial deployment. **The list of organizations/users that have publicly shared the usage of Magistrala:** **Note**: Several other organizations/users couldn't publicly share their usage details but are active project contributors and Magistrala Community members. - ## Adopters list (alphabetical) - **Note:** The list is maintained by the users themselves. If you find yourself on this list, and you think it's inappropriate. Please contact [project maintainers](https://github.com/absmach/magistrala/blob/master/MAINTAINERS) and you will be permanently removed from the list. diff --git a/api/asyncapi/mqtt.yml b/api/asyncapi/mqtt.yml index 7f7ba0afc36..1e6c8592a45 100644 --- a/api/asyncapi/mqtt.yml +++ b/api/asyncapi/mqtt.yml @@ -1,14 +1,14 @@ # Copyright (c) Abstract Machines # SPDX-License-Identifier: Apache-2.0 -asyncapi: '2.6.0' -id: 'https://github.com/absmach/magistrala/blob/master/api/asyncapi/mqtt.yml' +asyncapi: "2.6.0" +id: "https://github.com/absmach/magistrala/blob/master/api/asyncapi/mqtt.yml" info: title: Magistrala MQTT Adapter - version: '1.0.0' + version: "1.0.0" contact: name: Magistrala Team - url: 'https://github.com/absmach/magistrala' + url: "https://github.com/absmach/magistrala" email: info@mainflux.com description: | MQTT adapter provides an MQTT API for sending messages through the platform. MQTT adapter uses [mProxy](https://github.com/absmach/mproxy) for proxying traffic between client and MQTT broker. @@ -16,9 +16,8 @@ info: license: name: Apache 2.0 - url: 'https://github.com/absmach/magistrala/blob/master/LICENSE' - - + url: "https://github.com/absmach/magistrala/blob/master/LICENSE" + defaultContentType: application/json servers: @@ -29,35 +28,35 @@ servers: variables: port: description: Secure connection (TLS) is available through port 8883. - default: '1883' + default: "1883" enum: - - '1883' - - '8883' - security: + - "1883" + - "8883" + security: - user-password: [] channels: channels/{channelID}/messages/{subtopic}: parameters: channelID: - $ref: '#/components/parameters/channelID' + $ref: "#/components/parameters/channelID" in: path required: true subtopic: - $ref: '#/components/parameters/subtopic' - in: path + $ref: "#/components/parameters/subtopic" + in: path required: false publish: traits: - - $ref: '#/components/operationTraits/mqtt' + - $ref: "#/components/operationTraits/mqtt" message: - $ref: '#/components/messages/jsonMsg' + $ref: "#/components/messages/jsonMsg" subscribe: traits: - - $ref: '#/components/operationTraits/mqtt' + - $ref: "#/components/operationTraits/mqtt" message: - $ref: '#/components/messages/jsonMsg' + $ref: "#/components/messages/jsonMsg" components: messages: @@ -96,14 +95,14 @@ components: description: Arbitrary message subtopic. schema: type: string - default: '' - + default: "" + securitySchemes: user-password: type: userPassword description: | username is thing ID connected to the channel defined in the mqtt topic and - password is thing key corresponding to the thing ID + password is thing key corresponding to the thing ID operationTraits: mqtt: diff --git a/api/asyncapi/websocket.yml b/api/asyncapi/websocket.yml index 5f75a4501c8..13cf959ac74 100644 --- a/api/asyncapi/websocket.yml +++ b/api/asyncapi/websocket.yml @@ -2,25 +2,25 @@ # SPDX-License-Identifier: Apache-2.0 asyncapi: 2.6.0 -id: 'https://github.com/absmach/magistrala/blob/master/api/asyncapi/websocket.yml' +id: "https://github.com/absmach/magistrala/blob/master/api/asyncapi/websocket.yml" info: title: Magistrala WebSocket adapter description: WebSocket adapter provides a WebSocket API for sending messages through communication channels. WebSocket adapter uses [mProxy](https://github.com/absmach/mproxy) for proxying traffic between client and MQTT broker. - version: '1.0.0' + version: "1.0.0" contact: name: Magistrala Team - url: 'https://github.com/absmach/magistrala' + url: "https://github.com/absmach/magistrala" email: info@mainflux.com license: name: Apache 2.0 - url: 'https://github.com/absmach/magistrala/blob/master/LICENSE' + url: "https://github.com/absmach/magistrala/blob/master/LICENSE" tags: - name: WebSocket defaultContentType: application/json servers: dev: - url: 'ws://{host}:{port}' + url: "ws://{host}:{port}" protocol: ws description: Default WebSocket Adapter URL variables: @@ -29,43 +29,43 @@ servers: default: localhost port: description: Magistrala WebSocket Adapter port - default: '8186' + default: "8186" channels: - 'channels/{channelID}/messages/{subtopic}': + "channels/{channelID}/messages/{subtopic}": parameters: channelID: - $ref: '#/components/parameters/channelID' + $ref: "#/components/parameters/channelID" in: path required: true subtopic: - $ref: '#/components/parameters/subtopic' + $ref: "#/components/parameters/subtopic" in: path required: false publish: summary: Publish messages to a channel operationId: publishToChannel message: - $ref: '#/components/messages/jsonMsg' + $ref: "#/components/messages/jsonMsg" messageId: publishMessage bindings: ws: method: POST query: - subtopic: '{$request.query.subtopic}' + subtopic: "{$request.query.subtopic}" security: - bearerAuth: [] subscribe: summary: Subscribe to receive messages from a channel operationId: subscribeToChannel message: - $ref: '#/components/messages/jsonMsg' + $ref: "#/components/messages/jsonMsg" messageId: subscribeMessage bindings: ws: method: GET query: - subtopic: '{$request.query.subtopic}' + subtopic: "{$request.query.subtopic}" security: - bearerAuth: [] /version: @@ -92,7 +92,7 @@ components: summary: Arbitrary JSON array or object. contentType: application/json payload: - $ref: '#/components/schemas/jsonMsg' + $ref: "#/components/schemas/jsonMsg" schemas: jsonMsg: type: object @@ -134,7 +134,7 @@ components: description: Arbitrary message subtopic. schema: type: string - default: '' + default: "" securitySchemes: bearerAuth: type: http diff --git a/api/openapi/README.md b/api/openapi/README.md index 1d635234abb..c2861b830e5 100644 --- a/api/openapi/README.md +++ b/api/openapi/README.md @@ -2,4 +2,4 @@ This folder contains an OpenAPI specifications for Magistrala API. -View specification in Swagger UI at [api.mainflux.io](https://api.mainflux.io) \ No newline at end of file +View specification in Swagger UI at [api.mainflux.io](https://api.mainflux.io) diff --git a/api/openapi/auth.yml b/api/openapi/auth.yml index d68ba0ed61b..f7fe7590391 100644 --- a/api/openapi/auth.yml +++ b/api/openapi/auth.yml @@ -462,7 +462,7 @@ paths: dataset is consumed either by making subsequent requests, or by increasing the subset size of the initial request. parameters: - - $ref: "users.yml#/components/parameters/MemberID" + - $ref: "#/components/parameters/MemberID" - $ref: "#/components/parameters/Limit" - $ref: "#/components/parameters/Offset" - $ref: "#/components/parameters/Metadata" @@ -797,6 +797,15 @@ components: schema: type: string required: false + MemberID: + name: memberID + description: Unique member identifier. + in: path + schema: + type: string + format: uuid + required: true + example: bb7edb32-2eac-4aad-aebe-ed96fe073879 requestBodies: DomainCreateReq: diff --git a/api/openapi/bootstrap.yml b/api/openapi/bootstrap.yml index 2a8177a54fc..4fad47b115b 100644 --- a/api/openapi/bootstrap.yml +++ b/api/openapi/bootstrap.yml @@ -25,7 +25,7 @@ tags: externalDocs: description: Find out more about Configs url: https://docs.magistrala.abstractmachines.fr/ - + paths: /things/configs: post: @@ -38,15 +38,15 @@ paths: requestBody: $ref: "#/components/requestBodies/ConfigCreateReq" responses: - '201': + "201": $ref: "#/components/responses/ConfigCreateRes" - '400': + "400": description: Failed due to malformed JSON. - '401': + "401": description: Missing or invalid access token provided. - '415': + "415": description: Missing or invalid content type. - '500': + "500": $ref: "#/components/responses/ServiceError" get: summary: Retrieves managed configs @@ -63,13 +63,13 @@ paths: - $ref: "#/components/parameters/State" - $ref: "#/components/parameters/Name" responses: - '200': + "200": $ref: "#/components/responses/ConfigListRes" - '400': + "400": description: Failed due to malformed query parameters. - '401': + "401": description: Missing or invalid access token provided. - '500': + "500": $ref: "#/components/responses/ServiceError" /things/configs/{configId}: get: @@ -79,13 +79,13 @@ paths: parameters: - $ref: "#/components/parameters/ConfigId" responses: - '200': + "200": $ref: "#/components/responses/ConfigRes" - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Config does not exist. - '500': + "500": $ref: "#/components/responses/ServiceError" put: summary: Updates config info @@ -98,19 +98,19 @@ paths: parameters: - $ref: "#/components/parameters/ConfigId" requestBody: - $ref: "#/components/requestBodies/ConfigUpdateReq" + $ref: "#/components/requestBodies/ConfigUpdateReq" responses: - '200': + "200": description: Config updated. - '400': + "400": description: Failed due to malformed JSON. - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Config does not exist. - '415': + "415": description: Missing or invalid content type. - '500': + "500": $ref: "#/components/responses/ServiceError" delete: summary: Removes a Config @@ -122,13 +122,13 @@ paths: parameters: - $ref: "#/components/parameters/ConfigId" responses: - '204': + "204": description: Config removed. - '400': + "400": description: Failed due to malformed config ID. - '401': + "401": description: Missing or invalid access token provided. - '500': + "500": $ref: "#/components/responses/ServiceError" /things/configs/certs/{configId}: patch: @@ -143,18 +143,18 @@ paths: requestBody: $ref: "#/components/requestBodies/ConfigCertUpdateReq" responses: - '200': + "200": description: Config updated. $ref: "#/components/responses/ConfigUpdateCertsRes" - '400': + "400": description: Failed due to malformed JSON. - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Config does not exist. - '415': + "415": description: Missing or invalid content type. - '500': + "500": $ref: "#/components/responses/ServiceError" /things/configs/connections/{configId}: put: @@ -169,17 +169,17 @@ paths: requestBody: $ref: "#/components/requestBodies/ConfigConnUpdateReq" responses: - '200': + "200": description: Config updated. - '400': + "400": description: Failed due to malformed JSON. - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Config does not exist. - '415': + "415": description: Missing or invalid content type. - '500': + "500": $ref: "#/components/responses/ServiceError" /things/bootstrap/{externalId}: get: @@ -193,15 +193,15 @@ paths: parameters: - $ref: "#/components/parameters/ExternalId" responses: - '200': + "200": $ref: "#/components/responses/BootstrapConfigRes" - '400': + "400": description: Failed due to malformed JSON. - '401': + "401": description: Missing or invalid external key provided. - '404': + "404": description: Failed to retrieve corresponding config. - '500': + "500": $ref: "#/components/responses/ServiceError" /things/bootstrap/secure/{externalId}: get: @@ -215,12 +215,12 @@ paths: parameters: - $ref: "#/components/parameters/ExternalId" responses: - '200': + "200": $ref: "#/components/responses/BootstrapConfigRes" - '404': + "404": description: | Failed to retrieve corresponding config. - '500': + "500": $ref: "#/components/responses/ServiceError" /things/state/{configId}: put: @@ -233,15 +233,15 @@ paths: parameters: - $ref: "#/components/parameters/ConfigId" requestBody: - $ref: '#/components/requestBodies/ConfigStateUpdateReq' + $ref: "#/components/requestBodies/ConfigStateUpdateReq" responses: - '204': + "204": description: Config removed. - '400': + "400": description: Failed due to malformed config's ID. - '401': + "401": description: Missing or invalid access token provided. - '500': + "500": $ref: "#/components/responses/ServiceError" /health: get: @@ -249,9 +249,9 @@ paths: tags: - health responses: - '200': + "200": $ref: "#/components/responses/HealthRes" - '500': + "500": $ref: "#/components/responses/ServiceError" components: @@ -468,7 +468,7 @@ components: description: Thing Certificate. client_key: type: string - description: Thing Private Key. + description: Thing Private Key. ca_cert: type: string required: @@ -525,14 +525,14 @@ components: responses: ConfigCreateRes: - description: Config registered. - headers: - Location: - content: - text/plain: - schema: - type: string - description: Created configuration's relative URL (i.e. /things/configs/{configId}). + description: Config registered. + headers: + Location: + content: + text/plain: + schema: + type: string + description: Created configuration's relative URL (i.e. /things/configs/{configId}). ConfigListRes: description: Data retrieved. Configs from this list don't contain channels. content: @@ -547,8 +547,8 @@ components: $ref: "#/components/schemas/Config" BootstrapConfigRes: description: | - Data retrieved. If secure, a response is encrypted using - the secret key, so the response is in the binary form. + Data retrieved. If secure, a response is encrypted using + the secret key, so the response is in the binary form. content: application/json: schema: diff --git a/api/openapi/certs.yml b/api/openapi/certs.yml index e8a7e88f4de..f09ee925b7b 100644 --- a/api/openapi/certs.yml +++ b/api/openapi/certs.yml @@ -36,13 +36,13 @@ paths: requestBody: $ref: "#/components/requestBodies/CertReq" responses: - '201': + "201": description: Created - '400': + "400": description: Failed due to malformed JSON. "401": description: Missing or invalid access token provided. - '500': + "500": description: Unexpected server-side error ocurred. /certs/{certID}: get: @@ -54,16 +54,16 @@ paths: parameters: - $ref: "#/components/parameters/CertID" responses: - '200': + "200": $ref: "#/components/responses/CertRes" - '400': + "400": description: Failed due to malformed query parameters. "401": description: Missing or invalid access token provided. - '404': + "404": description: | Failed to retrieve corresponding certificate. - '500': + "500": $ref: "#/components/responses/ServiceError" delete: summary: Revokes a certificate @@ -74,14 +74,14 @@ paths: parameters: - $ref: "#/components/parameters/CertID" responses: - '200': + "200": $ref: "#/components/responses/RevokeRes" "401": description: Missing or invalid access token provided. - '404': + "404": description: | Failed to revoke corresponding certificate. - '500': + "500": $ref: "#/components/responses/ServiceError" /serials/{thingID}: get: @@ -93,16 +93,16 @@ paths: parameters: - $ref: "#/components/parameters/ThingID" responses: - '200': + "200": $ref: "#/components/responses/SerialsPageRes" - '400': + "400": description: Failed due to malformed query parameters. "401": description: Missing or invalid access token provided. - '404': + "404": description: | Failed to retrieve corresponding certificates. - '500': + "500": $ref: "#/components/responses/ServiceError" /health: get: @@ -110,9 +110,9 @@ paths: tags: - health responses: - '200': + "200": $ref: "#/components/responses/HealthRes" - '500': + "500": $ref: "#/components/responses/ServiceError" components: @@ -210,9 +210,9 @@ components: requestBodies: CertReq: description: | - Issues a certificate that is required for mTLS. To create a certificate for a thing - provide a thing id, data identifying particular thing will be embedded into the Certificate. - x509 and ECC certificates are supported when using when Vault is used as PKI. + Issues a certificate that is required for mTLS. To create a certificate for a thing + provide a thing id, data identifying particular thing will be embedded into the Certificate. + x509 and ECC certificates are supported when using when Vault is used as PKI. content: application/json: schema: @@ -221,12 +221,12 @@ components: - thing_id - ttl properties: - thing_id: - type: string - format: uuid - ttl: - type: string - example: "10h" + thing_id: + type: string + format: uuid + ttl: + type: string + example: "10h" responses: ServiceError: diff --git a/api/openapi/consumers-notifiers.yml b/api/openapi/consumers-notifiers.yml index 067d8f96bf8..29eb0fa8b0f 100644 --- a/api/openapi/consumers-notifiers.yml +++ b/api/openapi/consumers-notifiers.yml @@ -20,14 +20,14 @@ servers: - url: https://localhost:9014 - url: http://localhost:9015 - url: https://localhost:9015 - + tags: - name: notifiers description: Everything about your Notifiers externalDocs: description: Find out more about notifiers url: https://docs.magistrala.abstractmachines.fr/ - + paths: /subscriptions: post: @@ -102,9 +102,9 @@ paths: tags: - health responses: - '200': + "200": $ref: "#/components/responses/HealthRes" - '500': + "500": $ref: "#/components/responses/ServiceError" components: @@ -140,7 +140,7 @@ components: contact: type: string example: user@example.com - description: The contact of the user to which the notification will be sent. + description: The contact of the user to which the notification will be sent. Page: type: object properties: diff --git a/api/openapi/http.yml b/api/openapi/http.yml index 5a5a985f09a..64d74d1fe94 100644 --- a/api/openapi/http.yml +++ b/api/openapi/http.yml @@ -25,7 +25,7 @@ tags: externalDocs: description: Find out more about messages url: https://docs.magistrala.abstractmachines.fr/ - + paths: /channels/{id}/messages: post: @@ -50,7 +50,7 @@ paths: description: Message discarded due to invalid channel id. "415": description: Message discarded due to invalid or missing content type. - '500': + "500": $ref: "#/components/responses/ServiceError" /health: get: @@ -58,9 +58,9 @@ paths: tags: - health responses: - '200': + "200": $ref: "#/components/responses/HealthRes" - '500': + "500": $ref: "#/components/responses/ServiceError" components: @@ -154,7 +154,7 @@ components: responses: ServiceError: description: Unexpected server-side error occurred. - + HealthRes: description: Service Health Check. content: diff --git a/api/openapi/provision.yml b/api/openapi/provision.yml index e7d57dae246..ec759762a2a 100644 --- a/api/openapi/provision.yml +++ b/api/openapi/provision.yml @@ -36,13 +36,13 @@ paths: requestBody: $ref: "#/components/requestBodies/ProvisionReq" responses: - '201': + "201": description: Created - '400': + "400": description: Failed due to malformed JSON. "401": description: Missing or invalid access token provided. - '500': + "500": $ref: "#/components/responses/ServiceError" get: summary: Gets current mapping. @@ -52,11 +52,11 @@ paths: tags: - provision responses: - '200': + "200": $ref: "#/components/responses/ProvisionRes" "401": description: Missing or invalid access token provided. - '500': + "500": $ref: "#/components/responses/ServiceError" /health: get: @@ -64,9 +64,9 @@ paths: tags: - health responses: - '200': + "200": $ref: "#/components/responses/HealthRes" - '500': + "500": $ref: "#/components/responses/ServiceError" components: @@ -84,9 +84,9 @@ components: external_id: type: string external_key: - type: string + type: string name: - type: string + type: string responses: ServiceError: diff --git a/api/openapi/twins.yml b/api/openapi/twins.yml index fd826ca319c..9c9cafb8b82 100644 --- a/api/openapi/twins.yml +++ b/api/openapi/twins.yml @@ -18,7 +18,7 @@ info: servers: - url: http://localhost:9018 - url: https://localhost:9018 - + tags: - name: twins description: Everything about your Twins @@ -26,7 +26,6 @@ tags: description: Find out more about twins url: https://docs.magistrala.abstractmachines.fr/ - paths: /twins: post: @@ -39,16 +38,16 @@ paths: requestBody: $ref: "#/components/requestBodies/TwinReq" responses: - '201': + "201": $ref: "#/components/responses/TwinCreateRes" - '400': + "400": description: Failed due to malformed JSON. - '401': + "401": description: Missing or invalid access token provided. - '415': + "415": description: Missing or invalid content type. - '500': - $ref: '#/components/responses/ServiceError' + "500": + $ref: "#/components/responses/ServiceError" get: summary: Retrieves twins @@ -58,19 +57,19 @@ paths: tags: - twins parameters: - - $ref: '#/components/parameters/Limit' - - $ref: '#/components/parameters/Offset' - - $ref: '#/components/parameters/Name' - - $ref: '#/components/parameters/Metadata' + - $ref: "#/components/parameters/Limit" + - $ref: "#/components/parameters/Offset" + - $ref: "#/components/parameters/Name" + - $ref: "#/components/parameters/Metadata" responses: - '200': - $ref: '#/components/responses/TwinsPageRes' - '400': + "200": + $ref: "#/components/responses/TwinsPageRes" + "400": description: Failed due to malformed query parameters. - '401': + "401": description: Missing or invalid access token provided. - '500': - $ref: '#/components/responses/ServiceError' + "500": + $ref: "#/components/responses/ServiceError" /twins/{twinID}: get: @@ -78,18 +77,18 @@ paths: tags: - twins parameters: - - $ref: '#/components/parameters/TwinID' + - $ref: "#/components/parameters/TwinID" responses: - '200': - $ref: '#/components/responses/TwinRes' - '400': + "200": + $ref: "#/components/responses/TwinRes" + "400": description: Failed due to malformed twin's ID. - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Twin does not exist. - '500': - $ref: '#/components/responses/ServiceError' + "500": + $ref: "#/components/responses/ServiceError" put: summary: Updates twin info description: | @@ -98,40 +97,40 @@ paths: tags: - twins parameters: - - $ref: '#/components/parameters/TwinID' + - $ref: "#/components/parameters/TwinID" requestBody: - $ref: '#/components/requestBodies/TwinReq' + $ref: "#/components/requestBodies/TwinReq" responses: - '200': + "200": description: Twin updated. - '400': + "400": description: Failed due to malformed twin's ID or malformed JSON. - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Twin does not exist. - '415': + "415": description: Missing or invalid content type. - '500': - $ref: '#/components/responses/ServiceError' + "500": + $ref: "#/components/responses/ServiceError" delete: summary: Removes a twin description: Removes a twin. tags: - twins parameters: - - $ref: '#/components/parameters/TwinID' + - $ref: "#/components/parameters/TwinID" responses: - '204': + "204": description: Twin removed. - '400': + "400": description: Failed due to malformed twin's ID. - '401': + "401": description: Missing or invalid access token provided - '404': + "404": description: Twin does not exist. - '500': - $ref: '#/components/responses/ServiceError' + "500": + $ref: "#/components/responses/ServiceError" /states/{twinID}: get: @@ -142,29 +141,29 @@ paths: tags: - states parameters: - - $ref: '#/components/parameters/TwinID' - - $ref: '#/components/parameters/Limit' - - $ref: '#/components/parameters/Offset' + - $ref: "#/components/parameters/TwinID" + - $ref: "#/components/parameters/Limit" + - $ref: "#/components/parameters/Offset" responses: - '200': - $ref: '#/components/responses/StatesPageRes' - '400': + "200": + $ref: "#/components/responses/StatesPageRes" + "400": description: Failed due to malformed query parameters. - '401': + "401": description: Missing or invalid access token provided. - '404': + "404": description: Twin does not exist. - '500': - $ref: '#/components/responses/ServiceError' + "500": + $ref: "#/components/responses/ServiceError" /health: get: summary: Retrieves service health check info. tags: - health responses: - '200': + "200": $ref: "#/components/responses/HealthRes" - '500': + "500": $ref: "#/components/responses/ServiceError" components: @@ -242,7 +241,7 @@ components: minItems: 0 uniqueItems: true items: - $ref: '#/components/schemas/Attribute' + $ref: "#/components/schemas/Attribute" TwinReqObj: type: object properties: @@ -253,7 +252,7 @@ components: type: object description: Arbitrary, object-encoded twin's data. definition: - $ref: '#/components/schemas/Definition' + $ref: "#/components/schemas/Definition" TwinResObj: type: object properties: @@ -283,7 +282,7 @@ components: minItems: 0 uniqueItems: true items: - $ref: '#/components/schemas/Definition' + $ref: "#/components/schemas/Definition" metadata: type: object description: Arbitrary, object-encoded twin's data. @@ -295,7 +294,7 @@ components: minItems: 0 uniqueItems: true items: - $ref: '#/components/schemas/TwinResObj' + $ref: "#/components/schemas/TwinResObj" total: type: integer description: Total number of items. @@ -332,7 +331,7 @@ components: minItems: 0 uniqueItems: true items: - $ref: '#/components/schemas/State' + $ref: "#/components/schemas/State" total: type: integer description: Total number of items. @@ -351,7 +350,7 @@ components: content: application/json: schema: - $ref: '#/components/schemas/TwinReqObj' + $ref: "#/components/schemas/TwinReqObj" required: true responses: @@ -368,19 +367,19 @@ components: content: application/json: schema: - $ref: '#/components/schemas/TwinResObj' + $ref: "#/components/schemas/TwinResObj" TwinsPageRes: description: Data retrieved. content: application/json: schema: - $ref: '#/components/schemas/TwinsPage' + $ref: "#/components/schemas/TwinsPage" StatesPageRes: description: Data retrieved. content: application/json: schema: - $ref: '#/components/schemas/StatesPage' + $ref: "#/components/schemas/StatesPage" ServiceError: description: Unexpected server-side error occurred. HealthRes: diff --git a/api/openapi/users.yml b/api/openapi/users.yml index 776d3f86e14..a47e39cb453 100644 --- a/api/openapi/users.yml +++ b/api/openapi/users.yml @@ -1463,6 +1463,16 @@ components: required: true example: bb7edb32-2eac-4aad-aebe-ed96fe073879 + DomainID: + name: domainID + description: Unique domain identifier. + in: path + schema: + type: string + format: uuid + required: true + example: bb7edb32-2eac-4aad-aebe-ed96fe073879 + MemberID: name: memberID description: Unique member identifier. diff --git a/certs/README.md b/certs/README.md index a0e727dba73..6d1385662de 100644 --- a/certs/README.md +++ b/certs/README.md @@ -13,11 +13,11 @@ For lab purposes you can use docker-compose and script for setting up PKI in [ht ```bash MG_CERTS_VAULT_HOST= -MG_CERTS_VAULT_NAMESPACE= -MG_CERTS_VAULT_APPROLE_ROLEID= -MG_CERTS_VAULT_APPROLE_SECRET= -MG_CERTS_VAULT_THINGS_CERTS_PKI_PATH= -MG_CERTS_VAULT_THINGS_CERTS_PKI_ROLE_NAME= +MG_CERTS_VAULT_NAMESPACE= +MG_CERTS_VAULT_APPROLE_ROLEID= +MG_CERTS_VAULT_APPROLE_SECRET= +MG_CERTS_VAULT_THINGS_CERTS_PKI_PATH= +MG_CERTS_VAULT_THINGS_CERTS_PKI_ROLE_NAME= ``` The certificates can also be revoked using `certs` service. To revoke a certificate you need to provide `thing_id` of the thing for which the certificate was issued. @@ -30,7 +30,6 @@ curl -s -S -X DELETE http://localhost:9019/certs/revoke -H "Authorization: Beare The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values. - | Variable | Description | Default | | :---------------------------------------- | --------------------------------------------------------------------------- | ---------------------------------------------------------------------- | | MG_CERTS_LOG_LEVEL | Log level for the Certs (debug, info, warn, error) | info | diff --git a/consumers/notifiers/README.md b/consumers/notifiers/README.md index 4efb05fc3e5..b7bd9336ed8 100644 --- a/consumers/notifiers/README.md +++ b/consumers/notifiers/README.md @@ -15,7 +15,6 @@ An example of the service configuration for SMTP Notifier can be found [in SMTP Note that any unset variables will be replaced with their default values. - ## Usage Subscriptions service will start consuming messages and sending notifications when a message is received. diff --git a/docker/README.md b/docker/README.md index 4f36f96e771..f7fde5c341a 100644 --- a/docker/README.md +++ b/docker/README.md @@ -31,7 +31,7 @@ Magistrala supports configurable MQTT broker and Message broker, which also acts Events store: This is used by Magistrala services to store events for distributed processing. Magistrala uses a single service to be the message broker and events store. This can either be 'NATS' or 'RabbitMQ'. Redis can also be used as an events store, but it requires a message broker to be deployed along with it for message exchange. -This is the same as MESSAGE_BROKER. This can either be 'NATS' or 'RabbitMQ' or 'Redis'. If Redis is used as an events store, then RabbitMQ or NATS is used as a message broker. +This is the same as MESSAGE_BROKER. This can either be 'NATS' or 'RabbitMQ' or 'Redis'. If Redis is used as an events store, then RabbitMQ or NATS is used as a message broker. The current deployment strategy for Magistrala in `docker/docker-compose.yml` is to use VerneMQ as a MQTT_BROKER and NATS as a MESSAGE_BROKER and EVENTS_STORE. @@ -125,9 +125,9 @@ By using environment variables file at `docker/.env` you can modify the below gi `MG_NGINX_SERVER_NAME` environmental variable is used to configure nginx directive `server_name`. If environmental variable `MG_NGINX_SERVER_NAME` is empty then default value `localhost` will set to `server_name`. -`MG_NGINX_SERVER_CERT` environmental variable is used to configure nginx directive `ssl_certificate`. If environmental variable `MG_NGINX_SERVER_CERT` is empty then by default server certificate in the path `docker/ssl/certs/magistrala-server.crt` will be assigned. +`MG_NGINX_SERVER_CERT` environmental variable is used to configure nginx directive `ssl_certificate`. If environmental variable `MG_NGINX_SERVER_CERT` is empty then by default server certificate in the path `docker/ssl/certs/magistrala-server.crt` will be assigned. -`MG_NGINX_SERVER_KEY` environmental variable is used to configure nginx directive `ssl_certificate_key`. If environmental variable `MG_NGINX_SERVER_KEY` is empty then by default server certificate key in the path `docker/ssl/certs/magistrala-server.key` will be assigned. +`MG_NGINX_SERVER_KEY` environmental variable is used to configure nginx directive `ssl_certificate_key`. If environmental variable `MG_NGINX_SERVER_KEY` is empty then by default server certificate key in the path `docker/ssl/certs/magistrala-server.key` will be assigned. `MG_NGINX_SERVER_CLIENT_CA` environmental variable is used to configure nginx directive `ssl_client_certificate`. If environmental variable `MG_NGINX_SERVER_CLIENT_CA` is empty then by default certificate in the path `docker/ssl/certs/ca.crt` will be assigned. diff --git a/docker/addons/bootstrap/docker-compose.yml b/docker/addons/bootstrap/docker-compose.yml index b9acd52e683..2cf31b3f8b3 100644 --- a/docker/addons/bootstrap/docker-compose.yml +++ b/docker/addons/bootstrap/docker-compose.yml @@ -14,7 +14,6 @@ networks: volumes: magistrala-bootstrap-db-volume: - services: bootstrap-db: image: postgres:16.1-alpine diff --git a/docker/addons/certs/docker-compose.yml b/docker/addons/certs/docker-compose.yml index 41b9661161f..b023b212cf7 100644 --- a/docker/addons/certs/docker-compose.yml +++ b/docker/addons/certs/docker-compose.yml @@ -14,7 +14,6 @@ networks: volumes: magistrala-certs-db-volume: - services: certs-db: image: postgres:16.1-alpine diff --git a/docker/addons/prometheus/grafana/datasource.yml b/docker/addons/prometheus/grafana/datasource.yml index 4db83aa3fcc..7e48150baf2 100644 --- a/docker/addons/prometheus/grafana/datasource.yml +++ b/docker/addons/prometheus/grafana/datasource.yml @@ -4,9 +4,9 @@ apiVersion: 1 datasources: -- name: Prometheus - type: prometheus - url: http://magistrala-prometheus:9090 - isDefault: true - access: proxy - editable: true + - name: Prometheus + type: prometheus + url: http://magistrala-prometheus:9090 + isDefault: true + access: proxy + editable: true diff --git a/docker/addons/prometheus/grafana/example-dashboard.json b/docker/addons/prometheus/grafana/example-dashboard.json index 56041031292..1df3e7359e7 100644 --- a/docker/addons/prometheus/grafana/example-dashboard.json +++ b/docker/addons/prometheus/grafana/example-dashboard.json @@ -97,9 +97,7 @@ "justifyMode": "auto", "orientation": "vertical", "reduceOptions": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "fields": "", "values": false }, @@ -166,9 +164,7 @@ "justifyMode": "auto", "orientation": "auto", "reduceOptions": { - "calcs": [ - "last" - ], + "calcs": ["last"], "fields": "", "values": false }, @@ -263,11 +259,7 @@ "interval": "15s", "options": { "legend": { - "calcs": [ - "mean", - "sum", - "lastNotNull" - ], + "calcs": ["mean", "sum", "lastNotNull"], "displayMode": "table", "placement": "bottom", "showLegend": true @@ -434,9 +426,7 @@ "options": { "orientation": "auto", "reduceOptions": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "fields": "", "values": false }, @@ -537,11 +527,7 @@ "interval": "30", "options": { "legend": { - "calcs": [ - "min", - "max", - "mean" - ], + "calcs": ["min", "max", "mean"], "displayMode": "table", "placement": "bottom", "showLegend": true @@ -618,9 +604,7 @@ "options": { "orientation": "auto", "reduceOptions": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "fields": "", "values": false }, @@ -720,11 +704,7 @@ "interval": "30", "options": { "legend": { - "calcs": [ - "min", - "max", - "mean" - ], + "calcs": ["min", "max", "mean"], "displayMode": "table", "placement": "bottom", "showLegend": true @@ -801,9 +781,7 @@ "options": { "orientation": "auto", "reduceOptions": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "fields": "", "values": false }, @@ -903,11 +881,7 @@ "interval": "30", "options": { "legend": { - "calcs": [ - "min", - "max", - "mean" - ], + "calcs": ["min", "max", "mean"], "displayMode": "table", "placement": "bottom", "showLegend": true @@ -984,9 +958,7 @@ "options": { "orientation": "auto", "reduceOptions": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "fields": "", "values": false }, @@ -1085,11 +1057,7 @@ "id": 23, "options": { "legend": { - "calcs": [ - "min", - "max", - "mean" - ], + "calcs": ["min", "max", "mean"], "displayMode": "table", "placement": "bottom", "showLegend": true @@ -1166,9 +1134,7 @@ "options": { "orientation": "auto", "reduceOptions": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "fields": "", "values": false }, @@ -1259,11 +1225,7 @@ "id": 40, "options": { "legend": { - "calcs": [ - "min", - "max", - "mean" - ], + "calcs": ["min", "max", "mean"], "displayMode": "table", "placement": "bottom", "showLegend": true diff --git a/docker/addons/prometheus/metrics/prometheus.yml b/docker/addons/prometheus/metrics/prometheus.yml index ecac123d6dd..7ac11ca4899 100644 --- a/docker/addons/prometheus/metrics/prometheus.yml +++ b/docker/addons/prometheus/metrics/prometheus.yml @@ -2,11 +2,11 @@ # SPDX-License-Identifier: Apache-2.0 global: - scrape_interval: 15s + scrape_interval: 15s evaluation_interval: 15s scrape_configs: - - job_name: 'magistrala' + - job_name: "magistrala" honor_timestamps: true scrape_interval: 15s scrape_timeout: 10s @@ -14,9 +14,9 @@ scrape_configs: follow_redirects: true enable_http2: true static_configs: - - targets: - - magistrala-things:9000 - - magistrala-users:9002 - - magistrala-http:8008 - - magistrala-ws:8186 - - magistrala-coap:5683 + - targets: + - magistrala-things:9000 + - magistrala-users:9002 + - magistrala-http:8008 + - magistrala-ws:8186 + - magistrala-coap:5683 diff --git a/docker/addons/twins/docker-compose.yml b/docker/addons/twins/docker-compose.yml index 814dc5f4c9d..2623aa5d27f 100644 --- a/docker/addons/twins/docker-compose.yml +++ b/docker/addons/twins/docker-compose.yml @@ -71,7 +71,7 @@ services: ports: - ${MG_TWINS_HTTP_PORT}:${MG_TWINS_HTTP_PORT} networks: - magistrala-base-net: + magistrala-base-net: depends_on: - twins-db - twins-redis diff --git a/docker/addons/vault/README.md b/docker/addons/vault/README.md index 1ac1136bca7..b0de8af58d8 100644 --- a/docker/addons/vault/README.md +++ b/docker/addons/vault/README.md @@ -96,22 +96,22 @@ This script should not be necessary to run after the initial setup, since the Va ### 4. `vault_set_pki.sh` This script is used to generate the root certificate, intermediate certificate and HTTPS server certificate. -All generate certificates, keys and CSR by `vault_set_pki.sh` will be present at `docker/addons/vault/data`. +All generate certificates, keys and CSR by `vault_set_pki.sh` will be present at `docker/addons/vault/data`. -The parameters required for generating certificate are obtained from the environment variables which are loaded from `docker/.env`. +The parameters required for generating certificate are obtained from the environment variables which are loaded from `docker/.env`. Environmental variables starting with `MG_VAULT_PKI` in `docker/.env` file are used by `vault_set_pki.sh` to generate root CA. -Environmental variables starting with`MG_VAULT_PKI_INT` in `docker/.env` file are used by `vault_set_pki.sh` to generate intermediate CA. +Environmental variables starting with`MG_VAULT_PKI_INT` in `docker/.env` file are used by `vault_set_pki.sh` to generate intermediate CA. Passing command line args `--skip-server-cert` to `vault_set_pki.sh` will skip server certificate role & process of generation of server certificate & key. -### 5. `vault_create_approle.sh` +### 5. `vault_create_approle.sh` -This script is used to enable app role authorization in Vault. Certs service used the approle credentials to issue, revoke things certificate from vault intermedate CA. +This script is used to enable app role authorization in Vault. Certs service used the approle credentials to issue, revoke things certificate from vault intermedate CA. `vault_create_approle.sh` script by default tries to enable auth approle. If approle is already enabled in vault, then use args `--skip-enable-approle` to skip enable auth approle step. -To skip enable auth approle step use the following `vault_create_approle.sh --skip-enable-approle` +To skip enable auth approle step use the following `vault_create_approle.sh --skip-enable-approle` ### 6. `vault_copy_certs.sh` @@ -124,7 +124,7 @@ Requirement: [VAULT CLI](https://developer.hashicorp.com/vault/tutorials/getting - Replace the environmental variable `MG_VAULT_ADDR` in `docker/.env` with HCP Vault address. - Replace the environmental variable `MG_VAULT_TOKEN` in `docker/.env` with HCP Vault Admin token. -- Run script `vault_set_pki.sh` and `vault_create_approle.sh`. +- Run script `vault_set_pki.sh` and `vault_create_approle.sh`. - Optional step, run script `vault_copy_certs.sh` to copy certificates to magistrala default path. ## Vault CLI diff --git a/docker/addons/vault/docker-compose.yml b/docker/addons/vault/docker-compose.yml index 0158a0dce5c..ef9f116a2be 100644 --- a/docker/addons/vault/docker-compose.yml +++ b/docker/addons/vault/docker-compose.yml @@ -8,7 +8,7 @@ # from project root. Vault default port (8200) is exposed, so you can use Vault CLI tool for # vault inspection and administration, as well as access the UI. -version: '3.7' +version: "3.7" networks: magistrala-base-net: diff --git a/docker/ssl/authorization.js b/docker/ssl/authorization.js index 5bfedbe9c20..09cb74ebae9 100644 --- a/docker/ssl/authorization.js +++ b/docker/ssl/authorization.js @@ -1,57 +1,61 @@ // Copyright (c) Abstract Machines // SPDX-License-Identifier: Apache-2.0 -var clientKey = ''; +var clientKey = ""; // Check certificate MQTTS. function authenticate(s) { - if (!s.variables.ssl_client_s_dn || !s.variables.ssl_client_s_dn.length || - !s.variables.ssl_client_verify || s.variables.ssl_client_verify != "SUCCESS") { - s.deny(); - return; + if ( + !s.variables.ssl_client_s_dn || + !s.variables.ssl_client_s_dn.length || + !s.variables.ssl_client_verify || + s.variables.ssl_client_verify != "SUCCESS" + ) { + s.deny(); + return; + } + + s.on("upload", function (data) { + if (data == "") { + return; } - s.on('upload', function (data) { - if (data == '') { - return; - } - - var packet_type_flags_byte = data.codePointAt(0); - // First MQTT packet contain message type and flags. CONNECT message type - // is encoded as 0001, and we're not interested in flags, so only values - // 0001xxxx (which is between 16 and 32) should be checked. - if (packet_type_flags_byte < 16 || packet_type_flags_byte >= 32) { - s.off('upload'); - s.allow(); - return; - } - - if (clientKey === '') { - clientKey = parseCert(s.variables.ssl_client_s_dn, 'CN'); - } - - var pass = parsePackage(s, data); - - if (!clientKey.length || !clientKey.endsWith(pass) ) { - s.error('Cert CN (' + clientKey + ') does not contain client password'); - s.off('upload') - s.deny(); - return; - } - - s.off('upload'); - s.allow(); - }) + var packet_type_flags_byte = data.codePointAt(0); + // First MQTT packet contain message type and flags. CONNECT message type + // is encoded as 0001, and we're not interested in flags, so only values + // 0001xxxx (which is between 16 and 32) should be checked. + if (packet_type_flags_byte < 16 || packet_type_flags_byte >= 32) { + s.off("upload"); + s.allow(); + return; + } + + if (clientKey === "") { + clientKey = parseCert(s.variables.ssl_client_s_dn, "CN"); + } + + var pass = parsePackage(s, data); + + if (!clientKey.length || !clientKey.endsWith(pass)) { + s.error("Cert CN (" + clientKey + ") does not contain client password"); + s.off("upload"); + s.deny(); + return; + } + + s.off("upload"); + s.allow(); + }); } function parsePackage(s, data) { - // An explanation of MQTT packet structure can be found here: - // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#msg-format. + // An explanation of MQTT packet structure can be found here: + // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#msg-format. - // CONNECT message is explained here: - // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#connect. + // CONNECT message is explained here: + // https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html#connect. - /* + /* 0 1 2 3 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ @@ -83,99 +87,99 @@ function parsePackage(s, data) { This method extracts Password field. */ - // Extract variable length header. It's 1-4 bytes. As long as continuation byte is - // 1, there are more bytes in this header. This algorithm is explained here: - // http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Toc442180836 - var len_size = 1; - for (var remaining_len = 1; remaining_len < 5; remaining_len++) { - if (data.codePointAt(remaining_len) > 128) { - len_size += 1; - continue; - } - break; + // Extract variable length header. It's 1-4 bytes. As long as continuation byte is + // 1, there are more bytes in this header. This algorithm is explained here: + // http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Toc442180836 + var len_size = 1; + for (var remaining_len = 1; remaining_len < 5; remaining_len++) { + if (data.codePointAt(remaining_len) > 128) { + len_size += 1; + continue; } - - // CONTROL(1) + MSG_LEN(1-4) + PROTO_NAME_LEN(2) + PROTO_NAME(4) + PROTO_VERSION(1) - var flags_pos = 1 + len_size + 2 + 4 + 1; - var flags = data.codePointAt(flags_pos); - - // If there are no username and password flags (11xxxxxx), return. - if (flags < 192) { - s.error('MQTT username or password not provided'); - return ''; + break; + } + + // CONTROL(1) + MSG_LEN(1-4) + PROTO_NAME_LEN(2) + PROTO_NAME(4) + PROTO_VERSION(1) + var flags_pos = 1 + len_size + 2 + 4 + 1; + var flags = data.codePointAt(flags_pos); + + // If there are no username and password flags (11xxxxxx), return. + if (flags < 192) { + s.error("MQTT username or password not provided"); + return ""; + } + + // FLAGS(1) + KEEP_ALIVE(2) + var shift = flags_pos + 1 + 2; + + // Number of bytes to encode length. + var len_bytes_num = 2; + + // If Wil Flag is present, Will Topic and Will Message need to be skipped as well. + var shift_flags = 196 <= flags ? 5 : 3; + var len_msb, len_lsb, len; + + for (var i = 0; i < shift_flags; i++) { + len_msb = data.codePointAt(shift).toString(16); + len_lsb = data.codePointAt(shift + 1).toString(16); + len = calcLen(len_msb, len_lsb); + shift += len_bytes_num; + if (i != shift_flags - 1) { + shift += len; } + } - // FLAGS(1) + KEEP_ALIVE(2) - var shift = flags_pos + 1 + 2; - - // Number of bytes to encode length. - var len_bytes_num = 2; - - // If Wil Flag is present, Will Topic and Will Message need to be skipped as well. - var shift_flags = 196 <= flags ? 5 : 3; - var len_msb, len_lsb, len; - - for (var i = 0; i < shift_flags; i++) { - len_msb = data.codePointAt(shift).toString(16); - len_lsb = data.codePointAt(shift + 1).toString(16); - len = calcLen(len_msb, len_lsb); - shift += len_bytes_num; - if (i != shift_flags - 1) { - shift += len; - } - } - - var password = data.substring(shift, shift + len); - return password; + var password = data.substring(shift, shift + len); + return password; } // Check certificate HTTPS and WSS. function setKey(r) { - if (clientKey === '') { - clientKey = parseCert(r.variables.ssl_client_s_dn, 'CN'); + if (clientKey === "") { + clientKey = parseCert(r.variables.ssl_client_s_dn, "CN"); + } + + var auth = r.headersIn["Authorization"]; + if (auth && auth.length && auth != clientKey) { + r.error("Authorization header does not match certificate"); + return ""; + } + + if (r.uri.startsWith("/ws") && (!auth || !auth.length)) { + var a; + for (a in r.args) { + if (a == "authorization" && r.args[a] === clientKey) { + return clientKey; + } } - var auth = r.headersIn['Authorization']; - if (auth && auth.length && auth != clientKey) { - r.error('Authorization header does not match certificate'); - return ''; - } + r.error("Authorization param does not match certificate"); + return ""; + } - if (r.uri.startsWith('/ws') && (!auth || !auth.length)) { - var a; - for (a in r.args) { - if (a == 'authorization' && r.args[a] === clientKey) { - return clientKey - } - } - - r.error('Authorization param does not match certificate') - return ''; - } - - return clientKey; + return clientKey; } function calcLen(msb, lsb) { - if (lsb < 2) { - lsb = '0' + lsb; - } + if (lsb < 2) { + lsb = "0" + lsb; + } - return parseInt(msb + lsb, 16); + return parseInt(msb + lsb, 16); } function parseCert(cert, key) { - if (cert.length) { - var pairs = cert.split(','); - for (var i = 0; i < pairs.length; i++) { - var pair = pairs[i].split('='); - if (pair[0].toUpperCase() == key) { - return "Thing " + pair[1].replace("\\", "").trim(); - } - } + if (cert.length) { + var pairs = cert.split(","); + for (var i = 0; i < pairs.length; i++) { + var pair = pairs[i].split("="); + if (pair[0].toUpperCase() == key) { + return "Thing " + pair[1].replace("\\", "").trim(); + } } + } - return ''; + return ""; } -export default {setKey,authenticate}; +export default { setKey, authenticate }; diff --git a/internal/email/README.md b/internal/email/README.md index a152d685081..a7a2c509c77 100644 --- a/internal/email/README.md +++ b/internal/email/README.md @@ -1,21 +1,21 @@ # Magistrala Email Agent -Magistrala Email Agent is used for sending emails. It wraps basic SMTP features and +Magistrala Email Agent is used for sending emails. It wraps basic SMTP features and provides a simple API that Magistrala services can use to send email notifications. ## Configuration Magistrala Email Agent is configured using the following configuration parameters: -| Parameter | Description | -| ----------------------------------- | ----------------------------------------------------------------------- | -| MG_EMAIL_HOST | Mail server host | -| MG_EMAIL_PORT | Mail server port | -| MG_EMAIL_USERNAME | Mail server username | -| MG_EMAIL_PASSWORD | Mail server password | -| MG_EMAIL_FROM_ADDRESS | Email "from" address | -| MG_EMAIL_FROM_NAME | Email "from" name | -| MG_EMAIL_TEMPLATE | Email template for sending notification emails | +| Parameter | Description | +| --------------------- | ---------------------------------------------- | +| MG_EMAIL_HOST | Mail server host | +| MG_EMAIL_PORT | Mail server port | +| MG_EMAIL_USERNAME | Mail server username | +| MG_EMAIL_PASSWORD | Mail server password | +| MG_EMAIL_FROM_ADDRESS | Email "from" address | +| MG_EMAIL_FROM_NAME | Email "from" name | +| MG_EMAIL_TEMPLATE | Email template for sending notification emails | There are two authentication methods supported: Basic Auth and CRAM-MD5. If `MG_EMAIL_USERNAME` is empty, no authentication will be used. diff --git a/pkg/messaging/README.md b/pkg/messaging/README.md index f8b07f8eb1e..6c5e8a042b2 100644 --- a/pkg/messaging/README.md +++ b/pkg/messaging/README.md @@ -1,8 +1,8 @@ # Messaging -`messaging` package defines `Publisher`, `Subscriber` and an aggregate `Pubsub` interface. +`messaging` package defines `Publisher`, `Subscriber` and an aggregate `Pubsub` interface. -`Subscriber` interface defines methods used to subscribe to a message broker such as MQTT or NATS or RabbitMQ. +`Subscriber` interface defines methods used to subscribe to a message broker such as MQTT or NATS or RabbitMQ. `Publisher` interface defines methods used to publish messages to a message broker such as MQTT or NATS or RabbitMQ. diff --git a/pkg/sdk/README.md b/pkg/sdk/README.md index c5a945c7dee..da81086db35 100644 --- a/pkg/sdk/README.md +++ b/pkg/sdk/README.md @@ -1,5 +1,5 @@ # Magistrala SDK kits -This directory contains drivers for Magistrala HTTP API. Drivers facilitate system administration - CRUD operations on things, channels and their connections, i.e. provision of Magistrala entities. They can be used also for messaging. +This directory contains drivers for Magistrala HTTP API. Drivers facilitate system administration - CRUD operations on things, channels and their connections, i.e. provision of Magistrala entities. They can be used also for messaging. Drivers are written in different languages in order to enable the faster application development in the respective language. diff --git a/pkg/transformers/json/README.md b/pkg/transformers/json/README.md index 4e34ed510c6..d6a7df4a185 100644 --- a/pkg/transformers/json/README.md +++ b/pkg/transformers/json/README.md @@ -4,42 +4,42 @@ JSON Transformer provides Message Transformer for JSON messages. To transform Magistrala Message successfully, the payload must be a JSON object. For the messages that contain _JSON array as the root element_, JSON Transformer does normalization of the data: it creates a separate JSON message for each JSON object in the root. In order to be processed and stored properly, JSON messages need to contain message format information. For the sake of the simpler storing of the messages, nested JSON objects are flatten to a single JSON object, using composite keys with the default separator `/`. This implies that the separator character (`/`) _is not allowed in the JSON object key_. For example, the following JSON object: + ```json { - "name": "name", - "id":8659456789564231564, - "in": 3.145, - "alarm": true, - "ts": 1571259850000, - "d": { - "tmp": 2.564, - "hmd": 87, - "loc": { - "x": 1, - "y": 2 - } + "name": "name", + "id": 8659456789564231564, + "in": 3.145, + "alarm": true, + "ts": 1571259850000, + "d": { + "tmp": 2.564, + "hmd": 87, + "loc": { + "x": 1, + "y": 2 } + } } ``` will be transformed to: ```json - { - "name": "name", - "id":8659456789564231564, - "in": 3.145, - "alarm": true, - "ts": 1571259850000, - "d/tmp": 2.564, - "d/hmd": 87, - "d/loc/x": 1, - "d/loc/y": 2 + "name": "name", + "id": 8659456789564231564, + "in": 3.145, + "alarm": true, + "ts": 1571259850000, + "d/tmp": 2.564, + "d/hmd": 87, + "d/loc/x": 1, + "d/loc/y": 2 } ``` -The message format is stored in *the subtopic*. It's the last part of the subtopic. In the example: +The message format is stored in _the subtopic_. It's the last part of the subtopic. In the example: ``` http://localhost:8008/channels//messages/home/temperature/myFormat diff --git a/provision/README.md b/provision/README.md index 3446efae310..1a028b92dfc 100644 --- a/provision/README.md +++ b/provision/README.md @@ -17,28 +17,28 @@ The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values. -| Variable | Description | Default | -| ----------------------------------- | ------------------------------------------------- | ------------------------------------ | -| MG_PROVISION_LOG_LEVEL | Service log level | debug | -| MG_PROVISION_USER | User (email) for accessing Magistrala | | -| MG_PROVISION_PASS | Magistrala password | user123 | -| MG_PROVISION_API_KEY | Magistrala authentication token | | -| MG_PROVISION_CONFIG_FILE | Provision config file | config.toml | -| MG_PROVISION_HTTP_PORT | Provision service listening port | 9016 | -| MG_PROVISION_ENV_CLIENTS_TLS | Magistrala SDK TLS verification | false | -| MG_PROVISION_SERVER_CERT | Magistrala gRPC secure server cert | | -| MG_PROVISION_SERVER_KEY | Magistrala gRPC secure server key | | -| MG_PROVISION_USERS_LOCATION | Users service URL | | -| MG_PROVISION_THINGS_LOCATION | Things service URL | | -| MG_PROVISION_BS_SVC_URL | Magistrala Bootstrap service URL | | -| MG_PROVISION_CERTS_SVC_URL | Certificates service URL | | -| MG_PROVISION_X509_PROVISIONING | Should X509 client cert be provisioned | false | -| MG_PROVISION_BS_CONFIG_PROVISIONING | Should thing config be saved in Bootstrap service | true | -| MG_PROVISION_BS_AUTO_WHITELIST | Should thing be auto whitelisted | true | -| MG_PROVISION_BS_CONTENT | Bootstrap service configs content, JSON format | {} | -| MG_PROVISION_CERTS_RSA_BITS | Certificate RSA bits parameter | 4096 | -| MG_PROVISION_CERTS_HOURS_VALID | Number of hours that certificate is valid | "2400h" | -| MG_SEND_TELEMETRY | Send telemetry to magistrala call home server | true | +| Variable | Description | Default | +| ----------------------------------- | ------------------------------------------------- | ----------------------- | +| MG_PROVISION_LOG_LEVEL | Service log level | debug | +| MG_PROVISION_USER | User (email) for accessing Magistrala | | +| MG_PROVISION_PASS | Magistrala password | user123 | +| MG_PROVISION_API_KEY | Magistrala authentication token | | +| MG_PROVISION_CONFIG_FILE | Provision config file | config.toml | +| MG_PROVISION_HTTP_PORT | Provision service listening port | 9016 | +| MG_PROVISION_ENV_CLIENTS_TLS | Magistrala SDK TLS verification | false | +| MG_PROVISION_SERVER_CERT | Magistrala gRPC secure server cert | | +| MG_PROVISION_SERVER_KEY | Magistrala gRPC secure server key | | +| MG_PROVISION_USERS_LOCATION | Users service URL | | +| MG_PROVISION_THINGS_LOCATION | Things service URL | | +| MG_PROVISION_BS_SVC_URL | Magistrala Bootstrap service URL | | +| MG_PROVISION_CERTS_SVC_URL | Certificates service URL | | +| MG_PROVISION_X509_PROVISIONING | Should X509 client cert be provisioned | false | +| MG_PROVISION_BS_CONFIG_PROVISIONING | Should thing config be saved in Bootstrap service | true | +| MG_PROVISION_BS_AUTO_WHITELIST | Should thing be auto whitelisted | true | +| MG_PROVISION_BS_CONTENT | Bootstrap service configs content, JSON format | {} | +| MG_PROVISION_CERTS_RSA_BITS | Certificate RSA bits parameter | 4096 | +| MG_PROVISION_CERTS_HOURS_VALID | Number of hours that certificate is valid | "2400h" | +| MG_SEND_TELEMETRY | Send telemetry to magistrala call home server | true | By default, call to `/mapping` endpoint will create one thing and two channels (`control` and `data`) and connect it. If there is a requirement for different provision layout we can use [config](docker/configs/config.toml) file in addition to environment variables. diff --git a/tools/provision/README.md b/tools/provision/README.md index 11b1d08593d..13c5c44a8e5 100644 --- a/tools/provision/README.md +++ b/tools/provision/README.md @@ -6,12 +6,14 @@ This tool is useful for testing, and it creates a TOML format output (on stdout, that can be used by Magistrala MQTT benchmarking tool (`mqtt-bench`). ## Installation + ``` cd tools/provision make ``` ### Usage + ``` ./provision --help Tool for provisioning series of Magistrala channels and things and connecting them together. @@ -33,6 +35,7 @@ Flags: ``` Example: + ``` go run tools/provision/cmd/main.go -u test@magistrala.com -p test1234 --host https://142.93.118.47 ``` @@ -44,11 +47,10 @@ go run tools/provision/cmd/main.go --host http://localhost --num 10 -u test@mag ``` ->`ca.crt` and `ca.key` are used for creating things certificate and for HTTPS, +> `ca.crt` and `ca.key` are used for creating things certificate and for HTTPS, > if you are provisioning on remote server you will have to get these files to your local > directory so that you can create certificates for things - Example of output: ```